Export limit exceeded: 363806 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363806 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363806 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1793 1 Microsoft 1 Windows 98se 2026-04-16 N/A
User32.DLL in Microsoft Windows 98SE, and possibly other operating systems, allows local and remote attackers to cause a denial of service (crash) via an icon (.ico) bitmap file with large width and height values.
CVE-2006-2248 1 Northern Solutions 1 Xeneo Web Server 2026-04-16 N/A
Xeneo Web Server 2.2.22.0 allows remote attackers to obtain the source code of script files via crafted requests containing dot, space, and slash characters in the file extension.
CVE-2005-1841 2 Adobe, Redhat 2 Acrobat Reader, Rhel Extras 2026-04-16 N/A
The control for Adobe Reader 5.0.9 and 5.0.10 on Linux, Solaris, HP-UX, and AIX creates temporary files with the permissions as specified in a user's umask, which could allow local users to read PDF documents of that user if the umask allows it.
CVE-2005-1871 1 Drupal 1 Drupal 2026-04-16 N/A
Unknown vulnerability in the privilege system in Drupal 4.4.0 through 4.6.0, when public registration is enabled, allows remote attackers to gain privileges, due to an "input check" that "is not implemented properly."
CVE-2005-1885 1 Yapig 1 Yapig 2026-04-16 N/A
view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to obtain sensitive information via a phid parameter that is not an integer, which reveals the path in an error message.
CVE-2006-2715 1 Secure Elements 1 C5 Enterprise Vulnerability Management 2026-04-16 N/A
The Administration Console in Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 does not enforce access control, which allows remote attackers to gain access to servers via the console.
CVE-2005-1886 1 Yapig 1 Yapig 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to inject arbitrary web script or HTML via (1) the phid parameter or (2) unknown parameters when posting a new comment.
CVE-2005-1893 1 Flatnuke 1 Flatnuke 2026-04-16 N/A
FlatNuke 2.5.3 allows remote attackers to obtain sensitive information via invalid parameters to certain scripts, which leaks the web document root in an error message.
CVE-2006-2716 1 Secure Elements 1 C5 Enterprise Vulnerability Management 2026-04-16 N/A
Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 uses a hard-coded user ID and password, which allows remote attackers to gain access to the server.
CVE-2005-1898 1 Phpthumb 1 Phpthumb 2026-04-16 N/A
The passthrough functionality in phpThumb.php in phpThumb() before 1.5.4 allows remote attackers to read files that are not images.
CVE-2005-1899 1 Rakkarsoft 1 Raknet 2026-04-16 N/A
Rakkarsoft RakNet network library 2.33 and earlier, when released before 30 May 2005, and as used in multiple products including nFusion Elite Warriors: Vietnam, allows remote attackers to cause a denial of service (infinite loop) via a zero-byte UDP packet.
CVE-2006-0837 1 Micromuse 1 Netcool Neusecure 2026-04-16 N/A
IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 has world-readable permissions for (1) /etc/neusecure.conf, (2) /opt/NeuSecure/etc/cms-3.0.236.buildconf, and (3) /opt/NeuSecure/bin/ns_archiver.log, which allows local users to read sensitive information such as passwords. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
CVE-2005-1903 1 E-post Corporation 1 Spa-pro Mail Atsolomon 2026-04-16 N/A
Buffer overflow in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to execute arbitrary code via a long CREATE command.
CVE-2005-1911 1 Leafnode 1 Leafnode 2026-04-16 N/A
The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang while waiting for input that never arrives, which allows remote NNTP servers to cause a denial of service (news loss).
CVE-2005-1916 2 Debian, Ekg Project 2 Debian Linux, Ekg 2026-04-16 5.5 Medium
linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files.
CVE-2006-2721 1 Variomat 1 Variomat 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in news.php in VARIOMAT allows remote attackers to inject arbitrary HTML or web script via the subcat parameter. NOTE: this issue might be resultant from SQL injection.
CVE-2005-1923 1 Clam Anti-virus 1 Clamav 2026-04-16 N/A
The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read.
CVE-2006-0850 1 Ilch.de 1 Ilchclan 2026-04-16 N/A
SQL injection vulnerability in include/includes/user/login.php in ilchClan before 1.05g allows remote attackers to execute arbitrary SQL commands via the login_name parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2005-1928 1 Trend Micro 1 Serverprotect Earthagent 2026-04-16 N/A
Trend Micro ServerProtect EarthAgent for Windows Management Console 5.58 and possibly earlier versions, when running with Trend Micro Control Manager 2.5 and 3.0, and Damage Cleanup Server 1.1, allows remote attackers to cause a denial of service (CPU consumption) via a flood of crafted packets with a certain "magic value" to port 5005, which also leads to a memory leak.
CVE-2006-0858 1 Starforce 1 Safe N Sec Personal \+ Anti-spyware 2026-04-16 N/A
Unquoted Windows search path vulnerability in (1) snsmcon.exe, (2) the autostartup mechanism, and (3) an unspecified installation component in StarForce Safe'n'Sec Personal + Anti-Spyware 2.0 and earlier, and possibly other StarForce Safe'n'Sec products, might allow local users to gain privileges via a malicious "program" file in the C: folder.